MdeModulePkg: enforce arch-specific alignment for split regions
The splitting of memory regions into code and data regions violates
architecture specific alignment rules by using a fixed alignment
of 4 KB. Replace it with EFI_ACPI_RUNTIME_PAGE_ALLOCATION_ALIGNMENT,
which is defined appropriately on each architecture.
MdeModulePkg: move arch-specific allocation granularity defines to DxeMain.h
Move the definitions of EFI_ACPI_RUNTIME_PAGE_ALLOCATION_ALIGNMENT and
DEFAULT_PAGE_ALLOCATION to DxeMain.h to make them available explicitly
to all parts of DxeCore.
OvmfPkg: AcpiS3SaveDxe: prepare for End-of-Dxe callback
We are preparing for detaching the S3Ready() functionality from the
EFI_ACPI_S3_SAVE_PROTOCOL.S3Save() protocol member function. Instead, we
will hook the same logic to the End-of-Dxe event group.
The EFI_ACPI_S3_SAVE_PROTOCOL has another member: GetLegacyMemorySize().
According to the documenation,
This function returns the size of the legacy memory (meaning below 1 MB)
that is required during an S3 resume. Before the Framework-based
firmware transfers control to the OS, it has to transition from flat
mode into real mode in case the OS supplies only a real-mode waking
vector. This transition requires a certain amount of legacy memory.
After getting the size of legacy memory below, the caller is responsible
for allocating the legacy memory below 1 MB according to the size that
is returned. The specific implementation of allocating the legacy memory
is out of the scope of this specification.
When EFI_ACPI_S3_SAVE_PROTOCOL.S3Save() is called, the address of the
legacy memory allocated above must be passed to it, in the
LegacyMemoryAddress parameter.
In practice however:
- The S3Ready() function ignores the LegacyMemoryAddress completely.
- No code in the edk2 tree calls
EFI_ACPI_S3_SAVE_PROTOCOL.GetLegacyMemorySize(), ever.
- All callers of this specific implementation of
EFI_ACPI_S3_SAVE_PROTOCOL.S3Save() in the edk2 tree pass a NULL
LegacyMemoryAddress:
For this reason, ASSERT() explicitly that LegacyGetS3MemorySize() is never
called, and that the LegacyMemoryAddress parameter is always NULL.
This fact is important to capture in the code, because in the End-of-Dxe
callback, no LegacyMemoryAddress parameter can be taken. So let's make it
clear that we actually don't even have any use for that parameter.
This patch ports the identical change from IntelFrameworkModulePkg to
OvmfPkg.
IntelFrameworkModulePkg: AcpiS3SaveDxe: call S3Ready() at End-of-Dxe
Call S3Ready() whenever the first of the following occurs:
- a driver signals End-of-Dxe,
- a driver calls EFI_ACPI_S3_SAVE_PROTOCOL.S3Save().
S3Ready() already contains a static, function scope "latch" that causes it
to exit early when called for the second time or later.
(At the moment, the only platform in the edk2 tree that includes this
driver is Vlv2TbltDevicePkg. That platform does not signal End-of-Dxe
(yet).)
http://thread.gmane.org/gmane.comp.bios.tianocore.devel/16088/focus=16146 Suggested-by: Yao Jiewen <jiewen.yao@intel.com> Cc: Yao Jiewen <jiewen.yao@intel.com> Cc: Jeff Fan <jeff.fan@intel.com> Cc: David Wei <david.wei@intel.com> Cc: Tim He <tim.he@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17805 6f19259b-4bc3-4df7-8a09-765794883524
IntelFrameworkModulePkg: AcpiS3SaveDxe: prepare for End-of-Dxe callback
We are preparing for detaching the S3Ready() functionality from the
EFI_ACPI_S3_SAVE_PROTOCOL.S3Save() protocol member function. Instead, we
will hook the same logic to the End-of-Dxe event group.
The EFI_ACPI_S3_SAVE_PROTOCOL has another member: GetLegacyMemorySize().
According to the documenation,
This function returns the size of the legacy memory (meaning below 1 MB)
that is required during an S3 resume. Before the Framework-based
firmware transfers control to the OS, it has to transition from flat
mode into real mode in case the OS supplies only a real-mode waking
vector. This transition requires a certain amount of legacy memory.
After getting the size of legacy memory below, the caller is responsible
for allocating the legacy memory below 1 MB according to the size that
is returned. The specific implementation of allocating the legacy memory
is out of the scope of this specification.
When EFI_ACPI_S3_SAVE_PROTOCOL.S3Save() is called, the address of the
legacy memory allocated above must be passed to it, in the
LegacyMemoryAddress parameter.
In practice however:
- The S3Ready() function ignores the LegacyMemoryAddress completely.
- No code in the edk2 tree calls
EFI_ACPI_S3_SAVE_PROTOCOL.GetLegacyMemorySize(), ever.
- All callers of EFI_ACPI_S3_SAVE_PROTOCOL.S3Save() in the edk2 tree pass
a NULL LegacyMemoryAddress:
For this reason, ASSERT() explicitly that LegacyGetS3MemorySize() is never
called, and that the LegacyMemoryAddress parameter is always NULL.
This fact is important to capture in the code, because in the End-of-Dxe
callback, no LegacyMemoryAddress parameter can be taken. So let's make it
clear that we actually don't even have any use for that parameter.
Cc: Yao Jiewen <jiewen.yao@intel.com> Cc: Jeff Fan <jeff.fan@intel.com> Cc: David Wei <david.wei@intel.com> Cc: Tim He <tim.he@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17804 6f19259b-4bc3-4df7-8a09-765794883524
ArmVirtPkg: build runtime drivers with 64 KB section alignment
This adds the 64 KB alignment overlay linker script to the linker
command line of DXE_RUNTIME_DRIVER modules. This makes these modules
compatible with the new Properties Table feature by aligning the .text
and .data sections to 64 KB.
Instead of relying on the builtin linker script of GNU ld, which
may vary based on binutils version (which is not tightly coupled to
the GCC version) and linker command line options, introduce a linker
script for AArch64 to be used by all GCC/binutils versions.
The script is laid out such that two ELF sections .text and .data are
created that map onto the PE/COFF with the same names. By aligning
.data to the minimum alignment of .text, and by not adding any
additional padding -which is what LD's builtin linker script does- the
relative offset between .text and .data is retained after the PE/COFF
conversion. This should prevent problems with debuggers and other
tooling that are ELF based.
Also provided is an overlay linker script that increases the alignment
of .text and .data to 64 KB. This is intended for DXE_RUNTIME_DRIVER
modules, to make them compatible with the newly introduced
Properties Table feature.
MdeModulePkg: Update DxeCore to handle LoadFile DevicePath
UEFI Spec HTTP Boot Device Path, after retrieving the boot resource
information, the BootURI device path node will be updated to include
the BootURI information. It means the device path on the child handle
will be updated after the LoadFile() service is called.
To handle this case, DxeCore LoadImage() service is updated as the below:
1) Get Device handle based on Device Path
2) Call LoadFile() service (GetFileBufferByFilePath() API) to get Load File Buffer.
3) Retrieve DevicePath from Device handle
MdeModulePkg: UefiBootManagerLib to handle LoadFile DevicePath
UEFI Spec HTTP Boot Device Path, after retrieving the boot resource
information, the BootURI device path node will be updated to include
the BootURI information. It means the device path on the child handle
will be updated after the LoadFile() service is called.
To handle this case, UefiBootManagerLib BmGetLoadOptionBuffer API
is updated as the below:
1) Get Device handle based on Device Path
2) Call LoadFile() service (GetFileBufferByFilePath() API) to get Load File Buffer.
3) Retrieve DevicePath from Device handle
MdeModulePkg: SecurityManagementLib to handle LoadFile DevicePath
UEFI Spec HTTP Boot Device Path, after retrieving the boot resource
information, the BootURI device path node will be updated to include
the BootURI information. It means the device path on the child handle
will be updated after the LoadFile() service is called.
To handle this case, SecurityManagementLib ExecuteSecurityHandlers API
is updated as the below:
1) Get Device handle based on Device Path
2) Call LoadFile() service (GetFileBufferByFilePath() API) to get Load File Buffer.
3) Retrieve DevicePath from Device handle
Star Zeng [Thu, 2 Jul 2015 00:50:42 +0000 (00:50 +0000)]
MdeModulePkg Variable: Minor enhancement to VarCheck
1. When Property->Attributes == 0, don't check input Attributes.
2. Enhance comments to be indent aligned and debug message
to be aligned with other messages.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17794 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 1 Jul 2015 03:13:02 +0000 (03:13 +0000)]
SecurityPkg: Delete Auth Variable driver
1. Delete TpmMeasurementLib LibraryClass from SecurityPkg after it moved to MdeModulePkg.
2. Update DxeTpmMeasurementLib.inf to include MdeModulePkg.dec.
3. Delete authenticated variable definition from AuthenticatedVariableFormat.h after
them moved to VariableFormat.h.
4. Replace VARIABLE_HEADER with AUTHENTICATED_VARIABLE_HEADER in EsalVariableDxeSal.
5. Delete VariableInfo from SecurityPkg after it merged to VariableInfo in MdeModulePkg.
6. Delete VariablePei from SecurityPkg after it merged to VariablePei in MdeModulePkg.
7. Delete Auth Variable driver from SecurityPkg after it merged to Variable driver in
MdeModulePkg.
8. Also update PACKAGE_GUID and PACKAGE_VERSION in SecurityPkg.dec after the deletion
of authenticated variable definition, VariableInfo, VariablePei and Auth Variable
driver from SecurityPkg; update PLATFORM_VERSION in SecurityPkg.dsc.
Star Zeng [Wed, 1 Jul 2015 03:10:27 +0000 (03:10 +0000)]
ArmVirtPkg: Cleanup redundant library class resolution of Variable modules
SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf doesn't consume
BaseCryptLib directly or indirectly, cleanup it.
SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf {
<LibraryClasses>
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
}
BaseCryptLib has been declared at [LibraryClasses.common.DXE_RUNTIME_DRIVER]
section in ArmVirt.dsc.inc.
OpensslLib has been declared at [LibraryClasses.common]
section in ArmVirt.dsc.inc.
So cleanup them.
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf {
<LibraryClasses>
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
}
Star Zeng [Wed, 1 Jul 2015 03:10:01 +0000 (03:10 +0000)]
ArmPlatformPkg: Use the merged Variable driver
Remove gVariableAuthenticatedRuntimeDxeFileGuid definition in
ArmPlatformPkg.dec and use gVariableRuntimeDxeFileGuid in
NorFlashAuthenticatedDxe.inf as auth Variable driver in SecurityPkg
and Variable driver in MdeModulePkg have been merged.
Star Zeng [Wed, 1 Jul 2015 03:08:29 +0000 (03:08 +0000)]
MdeModulePkg Variable: Merge from Auth Variable driver in SecurityPkg
What to do:
1. Merge from Auth Variable driver in SecurityPkg to Variable drive in
MdeModulePkg. Then the merged Variable driver in MdeModulePkg will
link to AuthVariableLib and TpmMeasurementLib.
AuthVariableLibNull and TpmMeasurementLibNull in MdeModulePkg
could be used for non auth variable support.
AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg
may be used for auth variable support.
Why to do:
1. Remove code duplication and reduce maintenance effort.
After auth variable service separated from Auth Variable driver in SecurityPkg
to AuthVariableLib. The remaining code logic of Auth Variable driver in SecurityPkg
will be almost same with Variable driver in MdeModulePkg. Now it is to
merge them.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17765 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 1 Jul 2015 03:07:27 +0000 (03:07 +0000)]
Vlv2TbltDevicePkg: Link AuthVariableLib for following merged variable driver deploy
AuthVariableLib and TpmMeasurementLib library classes are now linked with
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
to optionally support secure variables.
For Vlv2TbltDevicePkg,
link AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg
when SECURE_BOOT_ENABLE = TRUE,
and link AuthVariableLibNull and TpmMeasurementLibNull in MdeModulePkg
when SECURE_BOOT_ENABLE = FALSE.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: David Wei <david.wei@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17764 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 1 Jul 2015 03:07:02 +0000 (03:07 +0000)]
ArmVirtPkg: Link AuthVariableLib for following merged variable driver deploy
AuthVariableLib and TpmMeasurementLib library classes are now linked with
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
to optionally support secure variables.
For ArmVirtPkg,
link AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg
when SECURE_BOOT_ENABLE = TRUE,
and link AuthVariableLibNull and TpmMeasurementLibNull in MdeModulePkg
when SECURE_BOOT_ENABLE = FALSE.
Star Zeng [Wed, 1 Jul 2015 03:05:47 +0000 (03:05 +0000)]
OvmfPkg: Link AuthVariableLib for following merged variable driver deploy
AuthVariableLib and TpmMeasurementLib library classes are now linked with
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
to optionally support secure variables.
For OvmfPkg,
link AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg
when SECURE_BOOT_ENABLE = TRUE,
and link AuthVariableLibNull and TpmMeasurementLibNull in MdeModulePkg
when SECURE_BOOT_ENABLE = FALSE.
Star Zeng [Wed, 1 Jul 2015 03:05:22 +0000 (03:05 +0000)]
Nt32Pkg: Link AuthVariableLib for following merged variable driver deploy
AuthVariableLib and TpmMeasurementLib library classes are now linked with
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
to optionally support secure variables.
For Nt32Pkg,
link AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg
when SECURE_BOOT_ENABLE = TRUE,
and link AuthVariableLibNull and TpmMeasurementLibNull in MdeModulePkg
when SECURE_BOOT_ENABLE = FALSE.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17759 6f19259b-4bc3-4df7-8a09-765794883524
What to do:
1. Implement AuthVariableLib library instance.
2. Temporarily add VARIABLE_ENTRY_CONSISTENCY and
variable attribute combinations definitions to
AuthenticatedVariableFormat.h for git bisect.
Why to do:
1. Share code.
Separate auth variable service from Auth Variable driver in
SecurityPkg to AuthVariableLib. Then the AuthVariableLib could benefit
and be used by different implementation of Auth Variable drivers.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17758 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 1 Jul 2015 03:04:18 +0000 (03:04 +0000)]
MdeModulePkg: Add AuthVariableLib LibraryClass
What to do:
1. Add AuthVariableLib LibraryClass definitions.
2. Implement a NULL AuthVariableLib library instance.
3. Add VARIABLE_ENTRY_PROPERTY definition to VarCheck.h.
4. Add VARIABLE_ENTRY_CONSISTENCY and variable attribute
combinations definitions to VariableFormat.h.
Why to do:
1. Share code.
1.1. Separate auth variable service from Auth Variable driver in
SecurityPkg to AuthVariableLib. Then the AuthVariableLib could benefit
and be used by different implementation of Auth Variable drivers.
1.2 The VARIABLE_ENTRY_PROPERTY definition to VarCheck.h,
VARIABLE_ENTRY_CONSISTENCY and variable attribute
combinations definitions to VariableFormat.h will be shared
by merged Variable driver and AuthVariableLib.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17757 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 1 Jul 2015 03:03:26 +0000 (03:03 +0000)]
MdeModulePkg VariablePei: Merge from VariablePei in SecurityPkg
What to do:
1. Merge from VariablePei in SecurityPkg to VariablePei in MdeModulePkg.
Why to do:
1. Remove code duplication and reduce maintenance effort.
The code logic of VariablePei in SecurityPkg is same with VariablePei
in MdeModulePkg.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17756 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 1 Jul 2015 03:02:45 +0000 (03:02 +0000)]
MdeModulePkg VariableInfo: Merge from VariableInfo in SecurityPkg
What to do:
1. Merge VariableInfo in SecurityPkg to VariableInfo in MdeModulePkg.
Why to do:
1. Remove code duplication and reduce maintenance effort.
The functionality of VariableInfo in SecurityPkg has covered VariableInfo
in MdeModulePkg.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17755 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 1 Jul 2015 03:02:08 +0000 (03:02 +0000)]
MdeModulePkg: Move authenticated variable definition from SecurityPkg
What to do:
1. Move authenticated variable definition from AuthenticatedVariableFormat.h
to VariableFormat.h with gEfiAuthenticatedVariableGuid and
AUTHENTICATED_VARIABLE_HEADER.
Why to do:
1. Share code.
We are moving forward to separate auth variable service from Auth Variable
driver in SecurityPkg to AuthVariableLib. Then the AuthVariableLib could benefit
and be used by different implementation of Auth Variable drivers.
2. Remove code duplication and reduce maintenance effort.
After auth variable service separated from Auth Variable driver in SecurityPkg
to AuthVariableLib. The remaining code logic of Auth Variable driver in SecurityPkg
will be almost same with Variable driver in MdeModulePkg. We are going to
merge them.
3. gEfiAuthenticatedVariableGuid will be used by both merged Variable driver
and AuthVariableLib, AUTHENTICATED_VARIABLE_HEADER will be used by
merged Variable driver.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17754 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Wed, 1 Jul 2015 03:01:34 +0000 (03:01 +0000)]
MdeModulePkg: Move TpmMeasurementLib LibraryClass from SecurityPkg
What to do:
1. Move TpmMeasurementLib LibraryClass from SecurityPkg to MdeModulePkg.
2. Implement a NULL TpmMeasurementLib library instance.
Why to do:
1. Share code.
We are moving forward to separate auth variable service from Auth Variable
driver in SecurityPkg to AuthVariableLib. Then the AuthVariableLib could benefit
and be used by different implementation of Auth Variable drivers.
2. Remove code duplication and reduce maintenance effort.
After auth variable service separated from Auth Variable driver in SecurityPkg
to AuthVariableLib. The remaining code logic of Auth Variable driver in SecurityPkg
will be almost same with Variable driver in MdeModulePkg. We are going to
merge them.
3. TpmMeasurementLib is consumed by Auth Variable driver in SecurityPkg now,
as Auth Variable driver in SecurityPkg will be merged to Variable driver in
MdeModulePkg, so the library class also needs to be moved to MdeModulePkg.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17753 6f19259b-4bc3-4df7-8a09-765794883524
NetworkPkg: Add IPv6 DUID configuration support using platform PCD.
The code today always uses DUID-UUID unless there is an error in reading the UUID,
which results in falling through to DUID-LLT. This change allows the platform to
control the DUID method (DUID-UUID or DUID-LLT) using a platform dynamic PCD.
CHAR16 array mGaugeString[DP_GAUGE_STRING_LENGTH + 1] is pass into
function GetShortPdbFileName(). However, in this function it treats the
size of the input buffer as DXE_PERFORMANCE_STRING_SIZE.
Though DXE_PERFORMANCE_STRING_SIZE is smaller than DP_GAUGE_STRING_LENGTH
now, but this manner might introduce a potential risk of buffer overflow.
Yingke Liu [Mon, 29 Jun 2015 03:10:25 +0000 (03:10 +0000)]
BaseTools: Update IASL download link and remove specific version info.
The version of IASL compiler in the tools_def.template file no longer exists on the acpica.org site.
Update download link and remove the specific version info from the tools_def.template file.
Laszlo Ersek [Fri, 26 Jun 2015 16:09:52 +0000 (16:09 +0000)]
OvmfPkg: PlatformPei: invert MTRR setup in QemuInitializeRam()
At the moment we work with a UC default MTRR type, and set three memory
ranges to WB:
- [0, 640 KB),
- [1 MB, LowerMemorySize),
- [4 GB, 4 GB + UpperMemorySize).
Unfortunately, coverage for the third range can fail with a high
likelihood. If the alignment of the base (ie. 4 GB) and the alignment of
the size (UpperMemorySize) differ, then MtrrLib creates a series of
variable MTRR entries, with power-of-two sized MTRR masks. And, it's
really easy to run out of variable MTRR entries, dependent on the
alignment difference.
This is a problem because a Linux guest will loudly reject any high memory
that is not covered my MTRR.
So, let's follow the inverse pattern (loosely inspired by SeaBIOS):
- flip the MTRR default type to WB,
- set [0, 640 KB) to WB -- fixed MTRRs have precedence over the default
type and variable MTRRs, so we can't avoid this,
- set [640 KB, 1 MB) to UC -- implemented with fixed MTRRs,
- set [LowerMemorySize, 4 GB) to UC -- should succeed with variable MTRRs
more likely than the other scheme (due to less chaotic alignment
differences).
Effects of this patch can be observed by setting DEBUG_CACHE (0x00200000)
in PcdDebugPrintErrorLevel.
Laszlo Ersek [Fri, 26 Jun 2015 16:09:43 +0000 (16:09 +0000)]
OvmfPkg: PlatformPei: create the CPU HOB with dynamic memory space width
Maoming reported that guest memory sizes equal to or larger than 64GB
were not correctly handled by OVMF.
Enabling the DEBUG_GCD (0x00100000) bit in PcdDebugPrintErrorLevel, and
starting QEMU with 64GB guest RAM size, I found the following error in the
OVMF debug log:
This message is emitted when the DXE core is initializing the memory space
map, processing the "above 4GB" memory resource descriptor HOB that was
created by OVMF's QemuInitializeRam() function (see "UpperMemorySize").
The DXE core's call chain fails in:
CoreInternalAddMemorySpace() [MdeModulePkg/Core/Dxe/Gcd/Gcd.c]
CoreConvertSpace()
//
// Search for the list of descriptors that cover the range BaseAddress
// to BaseAddress+Length
//
CoreSearchGcdMapEntry()
CoreSearchGcdMapEntry() fails because the one entry (with type
"nonexistent") in the initial GCD memory space map is too small, and
cannot be split to cover the memory space range being added:
We'll soon increase the maximum guest-physical RAM size supported by OVMF.
For more RAM, the DXE IPL is going to build more page tables, and for that
it's going to need a bigger chunk from the permanent PEI RAM.
Otherwise CreateIdentityMappingPageTables() would fail with:
> DXE IPL Entry
> Loading PEIM at 0x000BFF61000 EntryPoint=0x000BFF61260 DxeCore.efi
> Loading DXE CORE at 0x000BFF61000 EntryPoint=0x000BFF61260
> AllocatePages failed: No 0x40201 Pages is available.
> There is only left 0x3F1F pages memory resource to be allocated.
> ASSERT .../MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c(123):
> BigPageAddress != 0
(The above example belongs to the artificially high, maximal address width
of 52, clamped by the DXE core to 48. The address width of 48 bits
corresponds to 256 TB or RAM, and requires a bit more than 1GB for paging
structures.)
Cc: Maoming <maoming.maoming@huawei.com> Cc: Huangpeng (Peter) <peter.huangpeng@huawei.com> Cc: Wei Liu <wei.liu2@citrix.com> Cc: Brian J. Johnson <bjohnson@sgi.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Brian J. Johnson <bjohnson@sgi.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17719 6f19259b-4bc3-4df7-8a09-765794883524
Tian Feng [Fri, 26 Jun 2015 08:42:46 +0000 (08:42 +0000)]
SecurityPkg/TcgMor: move TPer Reset operation to this module
The TPer Reset operation is a common logic. So it's added into
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf module and
would be triggered at EndOfDxe.
By this way, all encrypted drives which produce EFI_STORAGE_SECURITY_
RPOTOCOL interface would be force reset when MOR is set.
Jeff Fan [Fri, 26 Jun 2015 03:06:50 +0000 (03:06 +0000)]
SourceLevelDebugPkg/DebugAgent: Add typecast to fix sign extension
OffsetHigh is 16bit value and its type is UINT32 and defined in structure.
It will be 32bit int type after do 16-bit left-shift operation. Then it will
sign extension if cast it to UINT64 if its high bit is 1.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Scott Duplichan <scott@notabs.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17716 6f19259b-4bc3-4df7-8a09-765794883524
Ard Biesheuvel [Thu, 25 Jun 2015 14:49:06 +0000 (14:49 +0000)]
ArmVirtPkg: signal EndOxDxe event in PlatformBsdInit
Currently, the ArmVirtPkg platforms built with the Intel BDS fail
to signal the end-of-DXE event 'gEfiEndOfDxeEventGroupGuid' when
entering the BDS phase, which results in some loss of functionality,
i.e., variable reclaim in the VariableDxe drivers, and the splitting
of the memory regions that is part of the recently added UEFI 2.5
properties table feature.
it is up to the platform BDS to signal that event, since there may be
platform specific ordering constraints with respect to the signalling
of the event that are difficult to honor at the generic level.
So add the SignalEvent () call to PlatformBdsInit () of ArmVirtPkg's
PlatformBdsLib implementation for the Intel BDS.